It’s that time again. Creating or updating the audit plan for the next calendar year. Most audit groups probably create a risk-based plan — which essentially means we start with some sort of risk assessment and determine the audits that should be on the plan — then try to figure out if there are enough hours to complete the work we propose to do. There is a brief discussion among the audit leadership team. Managers and directors trying to get more hours and resources. CAEs thinking that 250 hours for an audit is an enormous amount of time — nostalgically remembering their days in public accounting when they used to be able to complete audits in record time (conveniently forgetting that those jobs were always miserably over budget). Seniors and staff wondering why everyone is huddled behind closed doors all the time — secretly hoping that there are exotic locations to travel to on the new plan and that the travel budget is reasonable.

I always struggle when I review enterprise risk management (ERM) information that seems to stop at the risk assessment activity. Isn’t it time we stop just merely assessing risk and start addressing risk?

Our kids have been out of school since May 26. Every day I come home from work and ask my son what he did all day — same answer — Xbox. I ask my daughter what she did — same answer — nothing. Really? When we were kids, we rode our bikes to the bike shop for candy (most were a penny or a nickel), went to the local plunge, walked to the movies, and rode the bus to the beach for 75 cents. We also read books that we could actually hold in our hands, instead of downloading onto a Kindle or an iPad.

I’m still learning. A couple of weeks ago, I attended the Compliance Week conference in Washington, D.C. I learned new terminology — such as “flash crash” and “liar loans” — from the roundup of exceptionally powerful speakers. Much of the discussion focused on the U.S. Senate and House bills being reconciled to bring new regulation to the financial services industry. It is a fascinating time we live in.

Zero. That’s the number of e-mails I have stored in my in-box at the moment. I try to keep it under five. I only store work that I need to get done today in my in-box. The rest follows the 4 D’s — do, delete (my favorite), delegate (a close second), and drag. “Drag” can also mean “file” — but that doesn’t start with a “D.” I cheat a little — I’ve set up “rules” for most of my e-mails from service providers and others outside of the company. These e-mails get tucked away in a reading folder until I have time to scan them. One arrived the other day about the new UK Anti-corruption Law. If you haven’t read about this, and your company does business in the United Kingdom, you need to take a look.

Monday morning, 5:30 a.m. Survey the house to see what kind of trouble the puppy caused overnight. Last week he ate a loaf of bread and a cherry pie. All clear today. Take dogs out, feed the cat, make sure the kids are up and getting ready for school, husband reading the paper. Okay — we're good to go.

This is my first blog. When Internal Auditor contacted me and asked me to do this, I thought, "What on Earth can I blog about — and who will want to read it?" But then I thought about my crazy work/home life "blend." I've always wondered how other busy auditors and working parents manage that balance — particularly when both parents manage a career and travel.

Categories

Related Blogs

Feeds

The opinions expressed by Internal Auditor's bloggers may differ from policies and official statements of The Institute of Internal Auditors and its committees and from opinions endorsed by the bloggers' employers or the editors of Internal Auditor. The magazine is pleased to provide you an opportunity to share your thoughts about these blog posts. Some comments may be reprinted elsewhere, online or offline.